Bug 491084
| Summary: | Review Request: medusa - parallel brute forcing pasword cracker | ||
|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | Jan F. Chadima <jchadima> |
| Component: | Package Review | Assignee: | Miroslav Suchý <msuchy> |
| Status: | CLOSED ERRATA | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | rawhide | CC: | fedora-package-review, himanshu.sharmaa, msuchy, notting, pahan, rebus |
| Target Milestone: | --- | Flags: | msuchy:
fedora-review+
gwync: fedora-cvs+ |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | medusa-2.1.1-5.el7 | Doc Type: | Bug Fix |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2009-04-22 11:33:51 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
|
Description
Jan F. Chadima
2009-03-19 12:18:41 UTC
I will do this review. Url should be: http://www.foofus.net/jmk/medusa/medusa.html ==============
Key:
- = N/A
x = Check
! = Problem
? = Not evaluated
=== REQUIRED ITEMS ===
[x] Package is named according to the Package Naming Guidelines.
[x] Spec file name must match the base package %{name}, in the format
%{name}.spec.
[!] Package meets the Packaging Guidelines including the Perl specific items
[!] Package successfully compiles and builds into binary rpms on at least one
supported architecture.
[!] Rpmlint output: empty
.... I really did not went further in review.
Please read
http://fedoraproject.org/wiki/Packaging:Guidelines
before submission and make sure the package meet the requirements. Please post here updated spec and srpm, when you fix the errors.
Failed items:
Please change Summary from:
medusa is parallel brute forcing pasword cracker
to:
Parallel brute forcing password cracker
(also note missing "s" in password)
medusa did not built:
http://koji.fedoraproject.org/koji/taskinfo?taskID=1249822
due missing build requires:
No Package Found for afpfs-ng-devel
$ rpmlint medusa-1.5-1.fc11.src.rpm
medusa.src: E: no-cleaning-of-buildroot %install
medusa.src: E: no-cleaning-of-buildroot %clean
medusa.src: W: mixed-use-of-spaces-and-tabs (spaces: line 19, tab: line 11)
medusa.src: W: summary-not-capitalized medusa is parallel brute forcing pasword cracker
medusa.src: E: description-line-too-long Medusa is a speedy, massively parallel, modular, login brute-forcer for network services. Some of the key features of Medusa are:
medusa.src: E: description-line-too-long * Thread-based parallel testing. Brute-force testing can be performed against multiple hosts, users or passwords concurrently.
medusa.src: E: description-line-too-long * Flexible user input. Target information (host/user/password) can be specified in a variety of ways. For example, each item can be either a single entry or a file containing multiple entries. Additionally, a combination file format allows the user to refine their target listing.
medusa.src: E: description-line-too-long * Modular design. Each service module exists as an independent .mod file. This means that no modifications are necessary to the core application in order to extend the supported list of services for brute-forcing.
medusa.src: W: no-version-in-last-changelog
medusa.src: W: invalid-license GPL
1 packages and 0 specfiles checked; 6 errors, 4 warnings.
Three things that can be found by skimming over the spec file: * http://fedoraproject.org/wiki/Packaging/Guidelines#Parallel_make * http://fedoraproject.org/wiki/Packaging/Guidelines#Why_the_.25makeinstall_macro_should_not_be_used * Directory %{_libdir}/medusa is not included: https://fedoraproject.org/wiki/Packaging/UnownedDirectories repaired packages are on page:http://www.benhur.prf.cuni.cz/medved-7/wydobitki/path=fedora Spec URL: http://www.benhur.prf.cuni.cz/medved-7/wydobitki/fedora/medusa.spec SRPM URL: http://www.benhur.prf.cuni.cz/medved-7/wydobitki/fedora/medusa-1.5-1.fc11.src.rpm Not Found The requested URL /medved-7/wydobitki/path=fedora was not found on this server. It is good habit to bump up release with new revision of package. Builds still fails: http://koji.fedoraproject.org/koji/taskinfo?taskID=1249939 DEBUG util.py:256: No Package Found for afpfs-ng-devel The proper path is: /medved-7/wydobitki/?path=fedora The package is testet to compile on enwironmet without afp packages. Spec URL: http://www.benhur.prf.cuni.cz/medved-7/wydobitki/fedora/medusa.spec SRPM URL: http://www.benhur.prf.cuni.cz/medved-7/wydobitki/fedora/medusa-1.5-2.fc11.src.rpm It still do not build: http://koji.fedoraproject.org/koji/taskinfo?taskID=1250906 http://koji.fedoraproject.org/koji/getfile?taskID=1250908&name=build.log /var/tmp/rpm-tmp.mzjJhi: line 29: aclocal: command not found You may want to add automake to buildrequires... Please run: koji build --scratch dist-f11 medusa-1.5-2.fc11.src.rpm before sending updated src.rpm and make sure that the build succeed. And rpmlint still give 8 errors. Please run rpmlint -i medusa-1.5-2.fc11.src.rpm And make sure you fixed all errors and warnings. tested with koji build Spec URL: http://www.benhur.prf.cuni.cz/medved-7/wydobitki/fedora/medusa.spec SRPM URL: http://www.benhur.prf.cuni.cz/medved-7/wydobitki/fedora/medusa-1.5-3.fc11.src.rpm OK. It build now.
Although there is huge list of compilers warnings. (will be nice to fix, but not necessery).
There is also warning:
checking for openssl/ssl.h... no
configure: WARNING: *** OpenSSL header files required for SSL support. ***
Many of the Medusa modules depend on the OpenSSL library and header files. If
multiple modules are unexpectedly disabled, this is likely the cause. Make sure
to install libssl-dev, openssl-devel or whatever package your distribution uses
to distribute these files.
not sure if you would like to enable it by specifying additional requirements.
Rpmlint still say a lot of errors:
Do not use
rm -rf ${buildroot}
use either
rm -Rf $RPM_BUILD_ROOT
or
rm -rf %{buildroot}
medusa.src: W: mixed-use-of-spaces-and-tabs (spaces: line 24, tab: line 11)
The specfile mixes use of spaces and tabs for indentation, which is a cosmetic
annoyance. Use either spaces or tabs for indentation, not both.
Your description lines must not exceed 79 characters. If a line is exceeding
this number, cut it to fit in two or more lines.
medusa.src: W: invalid-license GPL
The value of the License tag was not recognized. Known values are: "GPL+", "GPL+ or Artistic", "GPLv1",
"GPLv2 or Artistic", "GPLv2+ or Artistic", "GPLv2", "GPLv2 with exceptions",
"GPLv2+", "GPLv2+ with exceptions", "GPLv3", "GPLv3 with exceptions",
"GPLv3+", "GPLv3+ with exceptions"
When you will fix these errors, I will check rest of the requirements.
Spec URL: http://www.benhur.prf.cuni.cz/medved-7/wydobitki/fedora/medusa.spec SRPM URL: http://www.benhur.prf.cuni.cz/medved-7/wydobitki/fedora/medusa-1.5-4.fc11.src.rpm koji tested, rpmlint tested all modules except afp are included. I hate to say it, but ... yes rpmlint is silent on src.rpm, but ... $ rpmlint medusa-1.5-4.fc11.i586.rpm medusa.i586: E: zero-length /usr/share/doc/medusa-1.5/NEWS ==============
Key:
- = N/A
x = Check
! = Problem
? = Not evaluated
=== REQUIRED ITEMS ===
[x] Package is named according to the Package Naming Guidelines.
[x] Spec file name must match the base package %{name}, in the format
%{name}.spec.
[x] Package meets the Packaging Guidelines including the Perl specific items
[x] Package successfully compiles and builds into binary rpms on at least one
supported architecture.
Tested on: devel/i586, devel/x86_64, devel/ppc, devel/ppc64
[!] Rpmlint output: empty
[x] Package is not relocatable.
[x] Buildroot is correct
%{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
[x] Package is licensed with an open-source compatible license and meets other
legal requirements as defined in the legal section of Packaging Guidelines.
[x] License field in the package spec file matches the actual license.
License type: GPLv2
[-] If (and only if) the source package includes the text of the license(s) in
its own file, then that file, containing the text of the license(s) for the
package is included in %doc.
[x] Spec file is legible and written in American English.
[x] Sources used to build the package matches the upstream source, as provided
in the spec URL.
SHA1SUM of package: 82f884666161af80f8cee7a7d5c7554d
medusa-1.5.tar.gz
[x] Package is not known to require ExcludeArch
[x] All build dependencies are listed in BuildRequires, except for any that
are listed in the exceptions section of Packaging Guidelines.
[-] The spec file handles locales properly.
[-] ldconfig called in %post and %postun if required.
[x] Package must own all directories that it creates.
[x] Package requires other packages for directories it uses.
[x] Package does not contain duplicates in %files.
[x] Permissions on files are set properly.
[x] Package has a %clean section, which contains rm -fR $RPM_BUILD_ROOT.
[x] Package consistently uses macros.
[x] Package contains code, or permissable content.
[-] Large documentation files are in a -doc subpackage, if required.
[x] Package uses nothing in %doc for runtime.
[-] Header files in -devel subpackage, if present.
[-] Static libraries in -devel subpackage, if present.
[-] Package requires pkgconfig, if .pc files are present.
[-] Development .so files in -devel subpackage, if present.
[-] Fully versioned dependency in subpackages, if present.
[x] Package does not contain any libtool archives (.la).
[-] Package contains a properly installed %{name}.desktop file if it is a GUI
application.
[x] Package does not own files or directories owned by other packages.
=== SUGGESTED ITEMS ===
[x] Latest version is packaged.
[x] Package does not include license text files separate from upstream.
[-] Description and summary sections in the package spec file contains
translations for supported Non-English languages, if available.
[x] Reviewer should test that the package builds in mock.
Tested on: koji scratch build
[x] Package should compile and build into binary rpms on all supported
architectures.
Tested on:koji scratch build
[?] Package functions as described.
[-] Scriptlets must be sane, if used.
[-] The placement of pkgconfig(.pc) files is correct.
[-] File based requires are sane.
[-] %check is present and the tests pass
So the zero length NEWS file is only remaining problem.
Spec URL: http://www.benhur.prf.cuni.cz/medved-7/wydobitki/fedora/medusa.spec SRPM URL: http://www.benhur.prf.cuni.cz/medved-7/wydobitki/fedora/medusa-1.5-5.fc11.src.rpm APPROVED New Package CVS Request ======================= Package Name: medusa Short Description: parallel brute forcing pasword cracker Owners: jfch2222 Branches: F-10 F-11 InitialCC: cvs done. *** Bug 557254 has been marked as a duplicate of this bug. *** Package Change Request ====================== Package Name: bkhive New Branches: epel7 Owners: rebus Hello SCM team, plase can you add epel7 branch for the medusa package? Michal Ambroz Git done (by process-git-requests). Package Change Request ====================== Package Name: medusa New Branches: epel7 el6 Owners: rebus Hello SCM team, plase can you add epel7 and el6 branch for the medusa package? Sorry my bad - I used wrong copy-paste from other package. Now the good one. Michal Ambroz Git done (by process-git-requests). medusa-2.1.1-5.el7 has been submitted as an update for Fedora EPEL 7. https://admin.fedoraproject.org/updates/medusa-2.1.1-5.el7 medusa-2.1.1-5.el7 has been pushed to the Fedora EPEL 7 stable repository. |